Monthly Selected Authority Documents - January, 2024

February 1, 2024

Here is a list of the 50 most selected Authority Documents in the Common Controls Hub this past month. We also list how many groups each Authority Document has been assigned to and how many initiatives it has been assigned to.

| AD Common Name | AD Type | Selected, Groups, Initiatives |
| --- | --- | --- |
| CobiT | Safe Harbor | 511671 |
| Cross Border Privacy Assessment | Best Practice Guideline | 4331 |
| Basel II | Regulation or Statute | 42120 |
| ISO/IEC 27001:2022 | International or National Standard | 36104 |
| PCI DSS Defined Approach Requirements, Version 4.0 | International or National Standard | 2884 |
| EU General Data Protection Regulation (GDPR) | Regulation or Statute | 2518519 |
| NIST SP 800-53 R5 | International or National Standard | 252717 |
| ISO/IEC 27002:2022 | International or National Standard | 241010 |
| CIS Controls, V8 | Best Practice Guideline | 20139 |
| ISO/IEC 27701:2019 | International or National Standard | 19189 |
| NIST CSF 1.1 | International or National Standard | 196123 |
| NIST SP 800-53 Revision 5.1.1 | International or National Standard | 1900 |
| ISO 27001-2013 | International or National Standard | 1721622 |
| 23 NYCRR 500 | Regulations | 1511 |
| Digital Operational Resilience Act | Regulations | 1400 |
| ISO 22301- Societal Security - Business Continuity Management Systems - Requirements | International or National Standard | 14191 |
| NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations | International or National Standard | 14158 |
| ISO/IEC 27017:2015(E) | Self-Regulatory Body Requirement | 122311 |
| NIST SP 800-53 | International or National Standard | 12172 |
| hipaa security rule | Regulation or Statute | 1151 |
| PCI DSS v3.2.1 | Contractual Obligation | 1184 |
| Cloud Controls Matrix, v4.0 | Self-Regulatory Body Requirement | 1050 |
| COBIT 2019 | Safe Harbor | 1052 |
| SOC2 | Safe Harbor | 1050 |
| Brazilian General Data Protection Law (LGPD) | Bill or Act | 9110 |
| California Privacy Rights Act (CPRA) | Bill or Act | 942 |
| COBIT 5 Enabling Processes: Basics | Safe Harbor | 9553 |
| CSF V1.1 | International or National Standard | 900 |
| HIPAA | Bill or Act | 9104 |
| ISO/IEC 27018:2019 | International or National Standard | 932 |
| PCI DSS Defined Approach Testing Procedures, Version 4.0 | International or National Standard | 965 |
| Sarbanes-Oxley Act of 2002 | Bill or Act | 956 |
| 23 NYCRR 500 | Regulation or Statute | 8286 |
| AICPA Reporting on Controls at a Service Organization SOC-2 | Safe Harbor | 81447 |
| BSI Cloud Computing Compliance Controls Catalogue (C5) | Best Practice Guideline | 8184 |
| FFIEC Information Technology Examination Handbook - Business Continuity Management | Audit Guideline | 8205 |
| ISO 22301:2019(E) | International or National Standard | 812 |
| ISO 27002 | International or National Standard | 885 |
| Trust Services Criteria (with Revised Points of Focus - 2022) | Self-Regulatory Body Requirement | 853 |
| Australia Privacy Amendment Act | Regulation or Statute | 7200 |
| COSO Enterprise Risk Management (2017) | Best Practice Guideline | 7259 |
| HIPAA Electronic Health Record Technology | Regulation or Statute | 721 |
| NIST AI 100-1 | Best Practice Guideline | 710 |
| NIST Privacy Framework | International or National Standard | 7157 |
| NIST SP 800-34, Rev 1 | International or National Standard | 700 |
| NIST SP 800-39 | International or National Standard | 7196 |
| SWIFT Customer Security Controls Framework | Best Practice Guideline | 700 |
| AICPA/CICA Privacy Management Framework | Best Practice Guideline | 600 |
| Australian Government Information Security Manual Controls | International or National Standard | 630 |
| Australian Government Information Security Manual, September 2023 | International or National Standard | 600 |